add permission to rubrics, awards and divisions

[shachar742]

Description

Please include a summary of the changes made, and the related issue.
List any dependencies that are required for this change.

Closes # (issue)

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

Screenshots

Please provide screenshots of changes made to UI components.

Checklist

• My code follows the style guidelines of this project
• I have performed a self-review of my code
• My changes generate no new warnings

[johnmeshulam]

Few small things:

1 - don't use MutationError, you can create a new ResolverError class
2- If the main divisions resolver checks division assignment, lets remove it from the other resolver checks
3- for the awards and rubrics checks, lets not check the root (since reports for example can query awards), instead:

• Create an awardWinnerResolver which will resolve the winner field, and restrict only that resolver. The restriction should be either judge-advisor, or any user if the awards have been locked (use placeholder logic for locking for now)

• Use the existing rubricDataResolver to restrict access only to the rubric data to the allowed roles

[johnmeshulam]

In addition to these comments: The login page's voluntees graphql, we also query divisions.

Maybe we should make some of the division fields public to solve this, it willm still break login:

[johnmeshulam]

leftover comment?

[johnmeshulam]

This checks auth on awards resolver without winners

[johnmeshulam]

Nice resolver :)